Jesus · Bible · HTML · CSS · JS · PHP · SVG · Applications

hash_equals

Description

The hash_equals of Hash for PHP timing attack safe string comparison.

Syntax

hash_equals(string $known_string, string $user_string): bool

Parameters

known_string

The string of known length to compare against

user_string

The user-supplied string

Return

Returns true when the two strings are equal, false otherwise.

Examples

1 · known_string user_string · equal

<?

$known_string = hash('sha384', 'Hello');
$user_string = hash('sha384', 'Hello');

$return = hash_equals($known_string, $user_string);

var_export($return);

?>
true

2 · known_string user_string · unequal algorithm

<?

$known_string = hash('sha384', 'Hello');
$user_string = hash('md5', 'Hello');

$return = hash_equals($known_string, $user_string);

var_export($return);

?>
false

3 · known_string user_string · unequal data

<?

$known_string = hash('sha384', 'Hello');
$user_string = hash('sha384', 'Good-bye');

$return = hash_equals($known_string, $user_string);

var_export($return);

?>
false
HomeMenu